• Hacks & Exploits
  • Breaking News

Ledger Users Targeted by Physical Phishing Scam Demanding Seed Phrases

4/30/2025
2min read
Denislav Manolov's Image
by Denislav Manolov
Crypto Expert at Airdrops.com
4/30/2025
2min read
Denislav Manolov's Image
by Denislav Manolov
Crypto Expert

Fake Ledger Letters Are Hitting Mailboxes

In a disturbing twist to crypto phishing scams, Ledger hardware wallet owners are now being targeted with physical letters, complete with official-looking branding, requesting them to validate their 24-word recovery phrases. Tech analyst Jacob Canfield was one of the victims, sharing images of the forged letter he received that threatened to restrict access to his funds unless he completed a so-called "mandatory validation process." The fraudulent document even carried a QR code leading to a malicious site designed to steal wallet credentials.

Canfield suspects the scammers are using personal data from Ledger’s 2020 data leak, which exposed the personal details of over 270,000 customers.

Scam Letters Masquerade as Critical Security Alerts

The letter Canfield received mimicked Ledger’s branding, including their business address and what looked like a real support reference number. It demanded that he complete a "critical security update" and scan a QR code—leading to a phishing site that asked for his recovery phrase. 

“Be very cautious and warn any friends or family that you know is in crypto and is not that savvy,” Canfield urged. 

This incident wasn’t isolated. According to a hardware wallet reseller, multiple users have reported receiving similar fake letters. Some even reported receiving tampered Ledger devices designed to install malware and compromise their private keys upon use. 

Ledger Responds: "It’s a Scam—Stay Vigilant"

Ledger responded by confirming that these physical letters are fraudulent and reminded customers that they will never ask for a user’s 24-word recovery phrase, not by letter, phone, DM, or email.

“Unfortunately, scammers impersonating Ledger are common,” the company said. “Our devices remain secure regardless of these scams—as long as your recovery phrase is private.”

The firm acknowledged the growing sophistication of scams and said they are actively working to detect, report, and block impersonators across platforms. However, as Ledger noted, they can’t control what scammers say or do on social media or through postal mail.

Time to Update the Warning System?

Canfield recommended that Ledger should update its warnings to explicitly include physical letters alongside DMs and emails. This is especially important for non-tech-savvy crypto users, who may fall prey to the realistic look of the phishing messages. In its closing statement, Ledger emphasized that its hardware wallets are built for high-level security, with frequent system updates to meet evolving threats. The company also warned against engaging with imposter accounts or unsolicited “help” offers related to wallet access or lost funds.

Share with your friends on social media:

Join the community and don't miss a crypto giveaway.

Subscribe for updates by e-mail with the latest research reviews, airdrop news, reward programs, event updates about upcoming airdrops.

By entering your email address you are accepting our Terms & Conditions and Privacy & Cookie Policy.